{"id":"https://openalex.org/W2114645751","doi":"https://doi.org/10.1109/acsac.2008.34","title":"Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences","display_name":"Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences","publication_year":2008,"publication_date":"2008-12-01","ids":{"openalex":"https://openalex.org/W2114645751","doi":"https://doi.org/10.1109/acsac.2008.34","mag":"2114645751"},"language":"en","primary_location":{"id":"doi:10.1109/acsac.2008.34","is_oa":false,"landing_page_url":"https://doi.org/10.1109/acsac.2008.34","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 Annual Computer Security Applications Conference (ACSAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070946957","display_name":"Yinqian Zhang","orcid":"https://orcid.org/0000-0002-7585-1075"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yinqian Zhang","raw_affiliation_strings":["School of Information Security Engineering, Shanghai Jiaotong university, China","Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai"],"affiliations":[{"raw_affiliation_string":"School of Information Security Engineering, Shanghai Jiaotong university, China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005146285","display_name":"Xun Fan","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xun Fan","raw_affiliation_strings":["School of Information Security Engineering, Shanghai Jiaotong university, China","Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai"],"affiliations":[{"raw_affiliation_string":"School of Information Security Engineering, Shanghai Jiaotong university, China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100713692","display_name":"Yijun Wang","orcid":"https://orcid.org/0000-0002-3372-8167"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yijun Wang","raw_affiliation_strings":["School of Information Security Engineering, Shanghai Jiaotong university, China","Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai"],"affiliations":[{"raw_affiliation_string":"School of Information Security Engineering, Shanghai Jiaotong university, China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062829885","display_name":"Zhi Xue","orcid":"https://orcid.org/0000-0003-2875-304X"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhi Xue","raw_affiliation_strings":["School of Information Security Engineering, Shanghai Jiaotong university, China","Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai"],"affiliations":[{"raw_affiliation_string":"School of Information Security Engineering, Shanghai Jiaotong university, China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"Sch. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai","institution_ids":["https://openalex.org/I183067930"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5070946957"],"corresponding_institution_ids":["https://openalex.org/I183067930"],"apc_list":null,"apc_paid":null,"fwci":1.7493,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.89688244,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"215","last_page":"224"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7662668228149414},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.566798210144043},{"id":"https://openalex.org/keywords/grammar","display_name":"Grammar","score":0.5064119100570679},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.46195319294929504},{"id":"https://openalex.org/keywords/adaptive-grammar","display_name":"Adaptive grammar","score":0.41059035062789917},{"id":"https://openalex.org/keywords/regular-grammar","display_name":"Regular grammar","score":0.3605737090110779},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.24873855710029602},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2105334997177124},{"id":"https://openalex.org/keywords/generative-grammar","display_name":"Generative grammar","score":0.16235396265983582},{"id":"https://openalex.org/keywords/emergent-grammar","display_name":"Emergent grammar","score":0.1382502019405365}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7662668228149414},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.566798210144043},{"id":"https://openalex.org/C26022165","wikidata":"https://www.wikidata.org/wiki/Q8091","display_name":"Grammar","level":2,"score":0.5064119100570679},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.46195319294929504},{"id":"https://openalex.org/C121017423","wikidata":"https://www.wikidata.org/wiki/Q4680743","display_name":"Adaptive grammar","level":5,"score":0.41059035062789917},{"id":"https://openalex.org/C80191660","wikidata":"https://www.wikidata.org/wiki/Q645527","display_name":"Regular grammar","level":4,"score":0.3605737090110779},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.24873855710029602},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2105334997177124},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.16235396265983582},{"id":"https://openalex.org/C69298649","wikidata":"https://www.wikidata.org/wiki/Q6045214","display_name":"Emergent grammar","level":3,"score":0.1382502019405365},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/acsac.2008.34","is_oa":false,"landing_page_url":"https://doi.org/10.1109/acsac.2008.34","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2008 Annual Computer Security Applications Conference (ACSAC)","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.413.4542","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.413.4542","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.isi.edu/~xunfan/research/attack_grammar.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W1278625838","https://openalex.org/W1493327060","https://openalex.org/W1518431406","https://openalex.org/W1580591826","https://openalex.org/W1590752147","https://openalex.org/W1602380388","https://openalex.org/W1965332127","https://openalex.org/W1990414757","https://openalex.org/W2002089154","https://openalex.org/W2025113626","https://openalex.org/W2054127354","https://openalex.org/W2068789742","https://openalex.org/W2083658929","https://openalex.org/W2100033648","https://openalex.org/W2104588447","https://openalex.org/W2109662977","https://openalex.org/W2110908300","https://openalex.org/W2117694832","https://openalex.org/W2121805588","https://openalex.org/W2122269808","https://openalex.org/W2125377756","https://openalex.org/W2132243817","https://openalex.org/W2139401142","https://openalex.org/W2150127671","https://openalex.org/W2157554212","https://openalex.org/W2163277533","https://openalex.org/W2798619248","https://openalex.org/W4249173680","https://openalex.org/W4285719527","https://openalex.org/W6629556936","https://openalex.org/W6635235395","https://openalex.org/W6674999077","https://openalex.org/W6679383015","https://openalex.org/W6682144877"],"related_works":["https://openalex.org/W4312310674","https://openalex.org/W2619311298","https://openalex.org/W4300277234","https://openalex.org/W2940776972","https://openalex.org/W2124852675","https://openalex.org/W2113021919","https://openalex.org/W2997512391","https://openalex.org/W1973854449","https://openalex.org/W82848659","https://openalex.org/W2083725103"],"abstract_inverted_index":{"Attack":[0,59],"graphs":[1,34,100],"have":[2,15,154],"been":[3,16],"used":[4],"to":[5,18,35,52,105,141,159,168],"show":[6],"multiple":[7],"attack":[8,37,50,57,68,77,90,99,111,134,152],"paths":[9,38],"in":[10,63],"large":[11],"scale":[12],"networks.":[13],"They":[14,79],"proved":[17],"be":[19,103],"useful":[20],"utilities":[21],"for":[22,83],"network":[23,56],"hardening":[24],"and":[25,54,101,124,147],"penetration":[26],"testing.":[27],"However,":[28],"the":[29,49,64,71,84,89,106,110,129,142,151,160,163,169],"basic":[30],"concept":[31],"of":[32,73,98,132,144,162,171],"using":[33],"represent":[36],"has":[39],"limitations.":[40],"In":[41],"this":[42],"paper,":[43],"we":[44],"propose":[45],"a":[46,95,114,155],"new":[47],"approach,":[48],"grammar,":[51,164],"model":[53],"analyze":[55],"sequences.":[58],"grammars":[60,69],"are":[61,80],"superior":[62],"following":[65],"areas:":[66],"First,":[67],"express":[70],"interdependency":[72],"vulnerabilities":[74],"better":[75,122],"than":[76],"graphs.":[78],"especially":[81],"suitable":[82],"IDS":[85],"alerts":[86],"correlation.":[87],"Second,":[88],"grammar":[91,112,135,153],"can":[92,102],"serve":[93],"as":[94],"compact":[96],"representation":[97],"converted":[104],"latter":[107],"easily.":[108],"Third,":[109],"is":[113,137,166],"context-free":[115],"grammar.":[116],"Its":[117],"logical":[118],"formality":[119],"makes":[120],"it":[121],"comprehended":[123],"more":[125],"easily":[126],"analyzed.":[127],"Finally,":[128],"algorithmic":[130],"complexity":[131],"our":[133],"approach":[136],"quartic":[138],"with":[139],"respect":[140],"number":[143,170],"host":[145,172],"clusters,":[146],"analyses":[148],"based":[149],"on":[150],"run":[156],"time":[157],"linear":[158],"length":[161],"which":[165],"quadratic":[167],"clusters.":[173]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}